Calling sigprocmask() through the PLT requires setting the ebx register
to the address of the global offset table, otherwise chaos ensues. Also
the value of the ecx register was assumed to be preserved across that
function call despite the fact that it is caller-saved in the x86
calling convention.
1. Move htonl() etc. from <arpa/inet.h> to <netinet/in.h> (which
   <arpa/inet.h> includes).
   > The htonl(), htons(), ntohl(), and ntohs() functions shall be
   > available as described in <arpa/inet.h>. Inclusion of the
   > <netinet/in.h> header may also make visible all symbols from
   > <arpa/inet.h>.
   - POSIX
2. Define IN6_IS_ADDR_LOOPBACK() and IN6_IS_ADDR_V4MAPPED().
For some reason X/OPEN requires that fd_set has a field fds_bits. Xproto
requires either fds_bits or _fds_bits to be present, so the field 'bits'
was renamed 'fds_bits'.
The `-z,text` linker flag causes the linker to reject shared libraries
and PIE executables that have textrels. Our code mostly did not use
these except in one place in LibC, which is changed in this commit.
This makes GNU ld match LLD's behavior, which has this option enabled by
default.
TEXTRELs pose a security risk, as performing these relocations requires
executable pages to be written to by the dynamic linker. This can
significantly weaken W^X hardening mitigations.
Note that after this change, TEXTRELs can still be used in ports, as the
dynamic loader code is not changed. There are also uses of it in the
kernel, removing which is outside the scope of this PR. To allow those,
`-z,notext` is added.
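
One way to audit a binary for the condition described above, as an added example that is not part of the original commit or the project's code: the dynamic section marks text relocations either with a `DT_TEXTREL` entry or with the `DF_TEXTREL` bit in `DT_FLAGS`. The names `elf64_has_textrel` and `build_sample` are hypothetical, and the code assumes a Linux `<elf.h>` and a native-endian ELF64 image.

```c
#include <elf.h>
#include <stdint.h>
#include <string.h>

/* Returns 1 if the image declares text relocations (a DT_TEXTREL entry or the
   DF_TEXTREL bit in DT_FLAGS), 0 if it does not, -1 if the image is malformed. */
int elf64_has_textrel(const unsigned char *img, size_t len)
{
    Elf64_Ehdr eh;
    if (len < sizeof eh) return -1;
    memcpy(&eh, img, sizeof eh);
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) || eh.e_ident[EI_CLASS] != ELFCLASS64
        || eh.e_phentsize != sizeof(Elf64_Phdr)) return -1;
    for (unsigned i = 0; i < eh.e_phnum; i++) {
        Elf64_Phdr ph;
        uint64_t off = eh.e_phoff + (uint64_t)i * sizeof ph;
        if (off > len || len - off < sizeof ph) return -1;   /* header out of bounds */
        memcpy(&ph, img + off, sizeof ph);
        if (ph.p_type != PT_DYNAMIC) continue;
        if (ph.p_offset > len || len - ph.p_offset < ph.p_filesz) return -1;
        for (uint64_t o = 0; o + sizeof(Elf64_Dyn) <= ph.p_filesz; o += sizeof(Elf64_Dyn)) {
            Elf64_Dyn d;
            memcpy(&d, img + ph.p_offset + o, sizeof d);
            if (d.d_tag == DT_NULL) break;
            if (d.d_tag == DT_TEXTREL) return 1;
            if (d.d_tag == DT_FLAGS && (d.d_un.d_val & DF_TEXTREL)) return 1;
        }
        return 0;
    }
    return 0; /* no dynamic section at all */
}

/* Constructed sample: ELF header + one PT_DYNAMIC header + two dynamic entries. */
size_t build_sample(unsigned char *out, Elf64_Sxword tag, Elf64_Xword val)
{
    Elf64_Ehdr eh = {0};
    Elf64_Phdr ph = {0};
    Elf64_Dyn dyn[2] = {{0}};   /* dyn[1] stays DT_NULL and terminates the list */
    memcpy(eh.e_ident, ELFMAG, SELFMAG);
    eh.e_ident[EI_CLASS] = ELFCLASS64;
    eh.e_phoff = sizeof eh; eh.e_phentsize = sizeof ph; eh.e_phnum = 1;
    ph.p_type = PT_DYNAMIC; ph.p_offset = sizeof eh + sizeof ph; ph.p_filesz = sizeof dyn;
    dyn[0].d_tag = tag; dyn[0].d_un.d_val = val;
    memcpy(out, &eh, sizeof eh);
    memcpy(out + sizeof eh, &ph, sizeof ph);
    memcpy(out + sizeof eh + sizeof ph, dyn, sizeof dyn);
    return sizeof eh + sizeof ph + sizeof dyn;
}
```
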
We are not using this for anything and it's just been sitting there
gathering dust for well over a year, so let's stop carrying all this
complexity around for no good reason.
This adds a stub for fnmatch and the following defined values:
- FNM_PATHNAME
- FNM_NOESCAPE
- FNM_PERIOD
- FNM_FILE_NAME
- FNM_LEADING_DIR
- FNM_CASEFOLD
- FNM_EXTMATCH
This patch begins the work of sharing types and macros between Kernel
and LibC instead of duplicating them via the kludge in UnixTypes.h.
The basic idea is that the Kernel vends various POSIX headers via
Kernel/API/POSIX/ and LibC simply #include's them to get the macros.
This is no longer needed as per the previous commit, UserspaceEmulator's
malloc tracer now correctly handles functions called from within
`malloc` and `free`. This might also have a benefit on performance
because forcibly inlining all function calls pessimizes cache locality.
It was fragile to use the address of the body of the memory management
functions to disable memory auditing within them. Functions called from
these did not get exempted from the audits, so in some cases
UserspaceEmulator reported bogus heap buffer overflows.
Memory auditing did not work at all on Clang because when querying the
addresses, their offset was taken relative to the base of `.text` which
is not the first segment in the `R/RX/RW(RELRO)/RW(non-RELRO)` layout
produced by LLD.
Similarly to when setting metadata about the allocations, we now use the
`emuctl` system call to selectively suppress auditing when we reach
these functions. This ensures that functions called from `malloc` are
affected too, and no issues occur because of the inconsistency between
Clang and GCC memory layouts.
GCC implements `fputc`, `fputs` and `fwrite` as builtin functions, whose
`FILE*` argument is implicitly marked `__attribute__((nonnull))`. This
causes our `VERIFY(stream)` statements to be removed. This does not
happen with Clang, as they do not use the `nonnull` attribute in this
way.
The `nonnull` attribute may delete null checks in the generated code, as
per the [GCC documentation]:
> The compiler may also perform optimizations based on the knowledge
> that nonnull parameters cannot be null. This can currently not be
> disabled other than by removing the nonnull attribute.
Disassembling the function as compiled by GCC, we can see that there is
no branch based on if `tv` is null. This means that `gettimeofday`
would produce UB if passed a null parameter, even if we wanted to
predictably return an error. Clang refuses to compile this due to a
`pointer-bool-conversion` warning.
In this commit, `settimeofday` is changed as well to match
`gettimeofday`'s null argument handling.
[GCC documentation]:
https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-nonnull-function-attribute
Since the InodeIndex encapsulates a 64 bit value, it is correct to
ensure that the Kernel is exposing the entire value and the LibC is
aware of it.
This commit requires an entire re-compile because it's essentially a
change in the Kernel ABI, together with a corresponding change in LibC.
The POSIX C regex functions are expected to live in the C standard
library, but Serenity split off its regex library into LibRegex. Make a
compromise by implementing stub forwarders for the C regex library that
load libregex.so and call the real implementation.
This is needed for ports that expect these C functions to be available
inside the standard C library without introducing a strong coupling
between LibC and LibDl or LibRegex. The non-standard Serenity C++ regex
API still lives inside LibRegex as before.
Making userspace provide a global string ID was silly, and made the API
extremely difficult to use correctly in a global profiling context.
Instead, simply make the kernel do the string ID allocation for us.
This also allows us to convert the string storage to a Vector in the
kernel (and an array in the JSON profile data.)